Skip to content

Grant v0.1.0 (INTERNAL-PRE-RELEASE)
Compare
Choose a tag to compare
@spiffcs spiffcs released this 20 Dec 15:20
· 103 commits to main since this release
v0.1.0
6935dd3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Grant – License information is just an SBOM away v0.1.0 (INTERNAL-PRE-RELEASE)

Grant is a new tool from the Anchore team that can view and check licenses from a given software bill of material.

Features

  • Users can supply an SBOM to grant and obtain a license violation report
  • Grant also can take an image or directory input, generate an SBOM, and then use those results as part of the license check.
  • list all the licenses found for a given container image or directory
  • Grant also has the ability to recognize licenses passed to it as a part of its input.
  • Given some text, grant can recognize a license and compare it to the provided configuration along with the SBOM or other supplied containers
  • Licenses are checked against the SPDX license list found here: https://spdx.org/licenses/.
Assets 9
Loading